Is facebook.com legit?

75
/ 100
Mostly Safe
Industry: Social Media

This website is mostly safe, but there are some critical concerns regarding its security posture. The SSL certificate is set to expire in just 7 days, which is a major red flag for a site of this scale.

Social Media average: 80/100 · based on 38 sites

Checked: April 21, 2026 at 2:05 PM UTC

Is facebook.com a scam? Here's what we found.

Security 60/100

While the site uses TLS 1.3 and has strong security headers like HSTS and CSP, the SSL certificate expiring in 7 days is a severe oversight, and the high number of external scripts raises concerns about potential vulnerabilities.

Identity 90/100

With a domain age of almost 30 years and clear WHOIS information, the site's identity is well-established and transparent. The domain is registered with a reputable registrar and has a long expiry date.

Reputation 95/100

As one of the most visited global websites and not being on any DNS blacklists, its reputation is exceptionally strong, reflecting a long-standing and trusted web presence.

Transparency 85/100

The site provides contact information, social media links, and a favicon for branding, indicating a good level of transparency, though structured data is absent.

Compliance 90/100

The presence of both privacy policy and terms of service pages demonstrates a commitment to legal and user compliance.

Infrastructure 80/100

The DNS setup is robust with multiple name servers and email authentication (SPF, DMARC), ensuring reliable communication, though the misconfigured sitemap is a minor operational flaw.

Signals Detected

[+]
Tranco Rank: Rank #4

This is one of the most visited websites globally

[?]
Structured Data: None found

No structured data markup found

[?]
Trustpilot: No Trustpilot profile

This business has no Trustpilot presence — not unusual for smaller or newer companies

[~]
SSL Certificate: Valid

Valid certificate, expires in 7 days

[?]
Certificate Issuer: DigiCert Inc

Certificate issued by DigiCert Inc

[+]
TLS Version: TLS 1.3

Connection uses TLS 1.3

[+]
Domain Age: 29 years, 5 months

Domain created 1997-03-29T05:00:00Z (29 years, 5 months ago)

[?]
Registrar: RegistrarSafe, LLC

Registered through RegistrarSafe, LLC

[+]
Domain Expiry: 2034-03-30T04:00:00Z

Expires in 2899 days

[+]
DNSSEC: unsigned

DNSSEC status from WHOIS

[+]
DNS Resolution: 2 IP(s)

Resolves to: 2a03:2880:f176:181:face:b00c:0:25de, 157.240.253.35

[+]
Email (MX Records): 1 record(s)

Mail servers: smtpin.vvv.facebook.com.

[+]
SPF Record: Present

Domain has SPF email authentication configured

[+]
DMARC Record: Present

Domain has DMARC email authentication configured

[?]
Name Servers: 4 server(s)

DNS providers: d.ns.facebook.com., c.ns.facebook.com., b.ns.facebook.com., a.ns.facebook.com.

[~]
External Scripts: 50 scripts

Excessive number of external scripts — may indicate malicious injection

[+]
robots.txt: Selective access

Blocks unknown crawlers by default but grants access to specific bots (754 directives)

[?]
Branding: Basic

Site has a favicon but no social sharing metadata

[?]
Sitemap: Misconfigured

Sitemap URL returns non-XML content

[+]
HSTS Header: Present

Site enforces HTTPS via HSTS

[+]
Content Security Policy: Present

Site has Content Security Policy configured

[+]
Clickjacking Protection: Present

X-Frame-Options: DENY

[+]
Google Web Risk: Clean

No threats detected by Google Web Risk

[+]
Website Status: Online

Website is live and responding

[+]
Contact Info: Found

Website appears to have contact information

[+]
Legal Pages: Privacy & Terms found

Website has both privacy policy and terms of service pages

[+]
Social Media Presence: 4 platforms

Website links to multiple social media platforms

[+]
DNS Blacklists: Clean

Not found on any DNS blacklists

[?]
Web Archive: Unable to check

Could not query Wayback Machine

[?]
Certificate Transparency: Unable to check

Could not query certificate transparency logs

[+]
Page Load Time: 307ms

Fast page load

Embed This Badge

Own this site? Show visitors your trust score.

Trust badge for facebook.com
<a href="https://verified.fyi/review/facebook.com"><img src="https://verified.fyi/badge/facebook.com?size=medium&style=full&theme=dark" alt="facebook.com trust score — verified.fyi" /></a>
[![facebook.com trust score](https://verified.fyi/badge/facebook.com?size=medium&style=full&theme=dark)](https://verified.fyi/review/facebook.com)

Stay Safe Online

Good habits to protect yourself, no matter the scan result.

Use a password manager

Never reuse passwords across sites.

Enable two-factor authentication

Add a second layer of security to your accounts.

Check before you buy

Always verify unfamiliar stores before entering payment info.

When evaluating the legitimacy of a social media giant like facebook.com, it's crucial to look beyond immediate impressions and delve into its foundational trust signals. As a leading social media platform, users interact with it daily, sharing personal information and engaging with others. Therefore, a high level of security and transparency is non-negotiable. Facebook's nearly 30-year domain age and top global ranking immediately signal a deeply established and reliable entity, far removed from ephemeral or suspicious sites. Its robust email authentication (SPF, DMARC) and strong HTTPS enforcement via HSTS are essential for protecting user communications and data integrity, typical of what you'd expect from an industry leader. For a site that handles as much personal data as Facebook, these measures are foundational. While the platform generally maintains impressive technical health, a consumer should always be aware of even minor flags. The number of external scripts, though common for complex sites, can sometimes be a vector for issues if not managed diligently. The impending SSL certificate expiration, even on a site as large as Facebook, is a clear point for their technical teams to address to ensure uninterrupted secure connections. Ultimately, these are minor concerns for an otherwise overwhelmingly trusted and secure online destination within the social media landscape.